External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-16 18:50:04 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1771 from shanemcd/kubernetes-role-cleanup

Browse Source 
Kubernetes role cleanup
This commit is contained in:
Shane McDonald
2018-04-17 11:16:46 -04:00
committed by GitHub
parent 0055c2ffff 40d7751fbd
commit ffc347bfd0
15 changed files with 176 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
installer/install.yml
View File

@@ -5,5 +5,6 @@
roles: roles:
- { role: check_vars } - { role: check_vars }
- { role: image_build, when: "dockerhub_base is not defined" } - { role: image_build, when: "dockerhub_base is not defined" }
- { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" }
- { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" } - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" }
- { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" } - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" }

11
installer/inventory
View File

@@ -12,13 +12,12 @@ dockerhub_version=latest
# Openshift Install # Openshift Install
# Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t) # Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t)
# openshift_host=127.0.0.1:8443 # openshift_host=127.0.0.1:8443
# awx_openshift_project=awx # openshift_project=awx
# openshift_user=developer # openshift_user=developer
# awx_node_port=30083
# Kubernetes Install # Kubernetes Install
# kubernetes_context=test-cluster # kubernetes_context=test-cluster
# awx_kubernetes_namespace=awx # kubernetes_namespace=awx
# Kubernetes and Openshift Install Resource Requests # Kubernetes and Openshift Install Resource Requests
# This is the request value for a pod's "task" container, which is the container # This is the request value for a pod's "task" container, which is the container
@@ -27,8 +26,8 @@ dockerhub_version=latest
# in the pod # in the pod
# A cpu_request of 1500 is 1.5 cores for the task container # A cpu_request of 1500 is 1.5 cores for the task container
# A mem_request of 2 is for 2 gigabytes of memory for the task container # A mem_request of 2 is for 2 gigabytes of memory for the task container
# awx_task_cpu_request=1500 # task_cpu_request=1500
# awx_task_mem_request=2 # task_mem_request=2
# Common Docker parameters # Common Docker parameters
postgres_data_dir=/tmp/pgdocker postgres_data_dir=/tmp/pgdocker
@@ -83,7 +82,7 @@ pg_port=5432
# AWX Secret key # AWX Secret key
# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt # It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
# your credentials # your credentials
awx_secret_key=awxsecret secret_key=awxsecret
# Build AWX with official logos # Build AWX with official logos
# Requires cloning awx-logos repo into the project root. # Requires cloning awx-logos repo into the project root.

6
installer/roles/check_vars/tasks/check_openshift.yml
View File

@@ -1,10 +1,10 @@
# check_openshift.yml # check_openshift.yml
--- ---
- name: awx_openshift_project should be defined - name: openshift_project should be defined
assert: assert:
that: that:
- awx_openshift_project is defined and awx_openshift_project != '' - openshift_project is defined and openshift_project != ''
msg: "Set the value of 'awx_openshift_project' in the inventory file." msg: "Set the value of 'openshift_project' in the inventory file."
- name: openshift_user should be defined - name: openshift_user should be defined
assert: assert:

14
installer/roles/image_build/tasks/main.yml
View File

@@ -89,11 +89,11 @@
- name: Set awx_web image name - name: Set awx_web image name
set_fact: set_fact:
awx_web_image: "{{ awx_web_image|default('awx_web') }}" web_image: "{{ web_image|default('awx_web') }}"
- name: Set awx_task image name - name: Set awx_task image name
set_fact: set_fact:
awx_task_image: "{{ awx_task_image|default('awx_task') }}" task_image: "{{ task_image|default('awx_task') }}"
- name: Ensure directory exists - name: Ensure directory exists
file: file:
@@ -195,7 +195,7 @@
no_proxy: "{{ no_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}"
path: "{{ docker_base_path }}" path: "{{ docker_base_path }}"
dockerfile: Dockerfile dockerfile: Dockerfile
name: "{{ awx_web_image }}" name: "{{ web_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
delegate_to: localhost delegate_to: localhost
@@ -207,11 +207,17 @@
no_proxy: "{{ no_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}"
path: "{{ docker_base_path }}" path: "{{ docker_base_path }}"
dockerfile: Dockerfile.task dockerfile: Dockerfile.task
name: "{{ awx_task_image }}" name: "{{ task_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
pull: no pull: no
delegate_to: localhost delegate_to: localhost
- name: Tag task and web images as latest
command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest"
with_items:
- "{{ task_image }}"
- "{{ web_image }}"
- name: Clean docker base directory - name: Clean docker base directory
file: file:
path: "{{ docker_base_path }}" path: "{{ docker_base_path }}"

2
installer/roles/image_build/templates/Dockerfile.task.j2
View File

@@ -1,4 +1,4 @@
FROM {{ awx_web_image }}:{{ awx_version }} FROM {{ web_image }}:{{ awx_version }}
USER 0 USER 0
RUN sudo yum -y remove nginx RUN sudo yum -y remove nginx
USER 1000 USER 1000

35
installer/roles/image_push/tasks/main.yml
View File

@@ -1,4 +1,13 @@
--- ---
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Remove local images to ensure proper push behavior - name: Remove local images to ensure proper push behavior
# TODO: this code will not be necessary if and when docker_image can be configured to push if the image # TODO: this code will not be necessary if and when docker_image can be configured to push if the image
# Already exists locally # Already exists locally
@@ -6,13 +15,13 @@
block: block:
- name: Remove web image - name: Remove web image
docker_image: docker_image:
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
state: absent state: absent
- name: Remove task image - name: Remove task image
docker_image: docker_image:
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
state: absent state: absent
delegate_to: localhost delegate_to: localhost
@@ -22,22 +31,28 @@
block: block:
- name: Tag and push web image to registry - name: Tag and push web image to registry
docker_image: docker_image:
name: "{{ awx_web_image }}" name: "{{ web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
tag: "{{ awx_version }}" tag: "{{ item }}"
push: yes push: yes
with_items:
- "latest"
- "{{ awx_version }}"
- name: Tag and push task image to registry - name: Tag and push task image to registry
docker_image: docker_image:
name: "{{ awx_task_image }}" name: "{{ task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
tag: "{{ awx_version }}" tag: "{{ item }}"
push: yes push: yes
with_items:
- "latest"
- "{{ awx_version }}"
delegate_to: localhost delegate_to: localhost
- name: Set full image path for Registry - name: Set full image path for Registry
set_fact: set_fact:
awx_web_docker_actual_image: >- awx_web_docker_actual_image: >-
{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }} {{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}:{{ awx_version }}
awx_task_docker_actual_image: >- awx_task_docker_actual_image: >-
{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }} {{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}:{{ awx_version }}

27
installer/roles/kubernetes/defaults/main.yml
View File

@@ -1,17 +1,26 @@
--- ---
awx_web_mem_request: 1 dockerhub_web_image: "{{ dockerhub_base | default('ansible') }}/awx_web:{{ dockerhub_version | default('latest') }}"
awx_web_cpu_request: 500 dockerhub_task_image: "{{ dockerhub_base | default('ansible') }}/awx_task:{{ dockerhub_version | default('latest') }}"
awx_task_mem_request: 2 web_mem_request: 1
awx_task_cpu_request: 1500 web_cpu_request: 500
awx_rabbitmq_mem_request: 2 task_mem_request: 2
awx_rabbitmq_cpu_request: 500 task_cpu_request: 1500
awx_memcached_mem_request: 1 rabbitmq_mem_request: 2
awx_memcached_cpu_request: 500 rabbitmq_cpu_request: 500
rabbitmq_version: "3.7.4" memcached_mem_request: 1
memcached_cpu_request: 500
kubernetes_rabbitmq_version: "3.7.4"
kubernetes_rabbitmq_image: "ansible/awx_rabbitmq"
kubernetes_memcached_version: "latest"
kubernetes_memcached_image: "memcached"
openshift_pg_emptydir: no openshift_pg_emptydir: no
openshift_pg_pvc_name: postgresql openshift_pg_pvc_name: postgresql
kubernetes_deployment_name: awx

6
installer/roles/kubernetes/tasks/kubernetes.yml
View File

@@ -2,15 +2,15 @@
shell: "kubectl config set-context {{ kubernetes_context }}" shell: "kubectl config set-context {{ kubernetes_context }}"
- name: Get Namespace Detail - name: Get Namespace Detail
shell: "kubectl get namespace {{ awx_kubernetes_namespace }}" shell: "kubectl get namespace {{ kubernetes_namespace }}"
register: namespace_details register: namespace_details
ignore_errors: yes ignore_errors: yes
- name: Create AWX Kubernetes Project - name: Create AWX Kubernetes Project
shell: "kubectl create namespace {{ awx_kubernetes_namespace }}" shell: "kubectl create namespace {{ kubernetes_namespace }}"
when: namespace_details.rc != 0 when: namespace_details.rc != 0
- name: Set postgresql service name - name: Set postgresql service name
set_fact: set_fact:
postgresql_service_name: "{{ awx_kubernetes_namespace }}-postgresql" postgresql_service_name: "{{ kubernetes_namespace }}-postgresql"
when: "pg_hostname is not defined or pg_hostname == ''" when: "pg_hostname is not defined or pg_hostname == ''"

52
installer/roles/kubernetes/tasks/main.yml
View File

@@ -5,7 +5,7 @@
- name: Set kubernetes base path - name: Set kubernetes base path
set_fact: set_fact:
kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" kubernetes_base_path: "{{ local_base_config_path|default('/tmp') }}/{{ kubernetes_deployment_name }}-config"
- include_tasks: openshift.yml - include_tasks: openshift.yml
when: openshift_host is defined when: openshift_host is defined
@@ -18,39 +18,11 @@
kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}" kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"
- name: Get Postgres Service Detail - name: Get Postgres Service Detail
shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ awx_kubernetes_namespace }}" shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ kubernetes_namespace }}"
register: postgres_svc_details register: postgres_svc_details
ignore_errors: yes ignore_errors: yes
when: "pg_hostname is not defined or pg_hostname == ''" when: "pg_hostname is not defined or pg_hostname == ''"
- name: Manage AWX Container Images
include_role:
name: image_push
when: dockerhub_base is not defined
- name: Set image names
block:
- name: Enable image stream lookups for awx images
shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ awx_kubernetes_namespace }}"
when: openshift_host is defined
- name: Set full web image path
set_fact:
awx_web_kubernetes_image: "{{ awx_web_image }}:{{ awx_version }}"
when: awx_web_kubernetes_image is not defined
- name: Set full task image path
set_fact:
awx_task_kubernetes_image: "{{ awx_task_image }}:{{ awx_version }}"
when: awx_task_kubernetes_image is not defined
when: dockerhub_base is not defined
- name: Set DockerHub Image Paths
set_fact:
awx_web_kubernetes_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}"
awx_task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}"
when: dockerhub_base is defined
- name: Deploy PostgreSQL (OpenShift) - name: Deploy PostgreSQL (OpenShift)
block: block:
- name: Template PostgreSQL Deployment - name: Template PostgreSQL Deployment
@@ -69,7 +41,7 @@
-e POSTGRESQL_PASSWORD={{ pg_password }} \ -e POSTGRESQL_PASSWORD={{ pg_password }} \
-e POSTGRESQL_DATABASE={{ pg_database }} \ -e POSTGRESQL_DATABASE={{ pg_database }} \
-e POSTGRESQL_VERSION=9.5 \ -e POSTGRESQL_VERSION=9.5 \
-n {{ awx_kubernetes_namespace }} -n {{ kubernetes_namespace }}
register: openshift_pg_activate register: openshift_pg_activate
when: when:
- pg_hostname is not defined or pg_hostname == '' - pg_hostname is not defined or pg_hostname == ''
@@ -78,7 +50,7 @@
- name: Deploy and Activate Postgres (Kubernetes) - name: Deploy and Activate Postgres (Kubernetes)
shell: | shell: |
helm install --name awx --namespace {{ awx_kubernetes_namespace }} \ helm install --name awx --namespace {{ kubernetes_namespace }} \
--set postgresUser={{ pg_username }} \ --set postgresUser={{ pg_username }} \
--set postgresPassword={{ pg_password }} \ --set postgresPassword={{ pg_password }} \
--set postgresDatabase={{ pg_database }} \ --set postgresDatabase={{ pg_database }} \
@@ -92,7 +64,7 @@
- name: Set postgresql hostname to helm package service - name: Set postgresql hostname to helm package service
set_fact: set_fact:
pg_hostname: awx-postgresql pg_hostname: "{{ kubernetes_deployment_name }}-postgresql"
when: when:
- pg_hostname is not defined or pg_hostname == '' - pg_hostname is not defined or pg_hostname == ''
- kubernetes_context is defined - kubernetes_context is defined
@@ -107,13 +79,25 @@
path: "{{ kubernetes_base_path }}" path: "{{ kubernetes_base_path }}"
state: directory state: directory
- name: Template Kubernetes AWX Config - name: Template Kubernetes AWX Config
template: template:
src: configmap.yml.j2 src: configmap.yml.j2
dest: "{{ kubernetes_base_path }}/configmap.yml" dest: "{{ kubernetes_base_path }}/configmap.yml"
mode: '0600' mode: '0600'
- name: Set image names if using custom registry
block:
- name: Set task image name
set_fact:
kubernetes_task_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
when: kubernetes_task_image is not defined
- name: Set web image name
set_fact:
kubernetes_web_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
when: kubernetes_web_image is not defined
when: docker_registry is defined
- name: Template Kubernetes AWX Deployment - name: Template Kubernetes AWX Deployment
template: template:
src: deployment.yml.j2 src: deployment.yml.j2

14
installer/roles/kubernetes/tasks/openshift.yml
View File

@@ -1,6 +1,10 @@
--- ---
- include_vars: openshift.yml - include_vars: openshift.yml
- name: Set kubernetes_namespace
set_fact:
kubernetes_namespace: "{{ openshift_project }}"
- name: Ensure workspace directories exist - name: Ensure workspace directories exist
file: file:
path: "{{ item }}" path: "{{ item }}"
@@ -30,18 +34,18 @@
no_log: true no_log: true
- name: Get Project Detail - name: Get Project Detail
shell: "{{ openshift_oc_bin }} get project {{ awx_openshift_project }}" shell: "{{ openshift_oc_bin }} get project {{ openshift_project }}"
register: project_details register: project_details
ignore_errors: yes ignore_errors: yes
- name: Create AWX Openshift Project - name: Create AWX Openshift Project
shell: "{{ openshift_oc_bin }} new-project {{ awx_openshift_project }}" shell: "{{ openshift_oc_bin }} new-project {{ openshift_project }}"
when: project_details.rc != 0 when: project_details.rc != 0
- name: Ensure PostgreSQL PVC is available - name: Ensure PostgreSQL PVC is available
block: block:
- name: Check PVC status - name: Check PVC status
command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ awx_openshift_project }} -o=jsonpath='{.status.phase}'" command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ openshift_project }} -o=jsonpath='{.status.phase}'"
register: pg_pvc_status register: pg_pvc_status
ignore_errors: yes ignore_errors: yes
@@ -49,10 +53,10 @@
assert: assert:
that: that:
- pg_pvc_status.stdout == "Bound" - pg_pvc_status.stdout == "Bound"
msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ awx_openshift_project }}' namespace." msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ openshift_project }}' namespace."
when: when:
- pg_hostname is not defined or pg_hostname == '' - pg_hostname is not defined or pg_hostname == ''
- openshift_pg_emptydir is defined and openshift_pg_emptydir != true - openshift_pg_emptydir is defined and (openshift_pg_emptydir | bool) != true
- name: Set postgresql service name - name: Set postgresql service name
set_fact: set_fact:

12
installer/roles/kubernetes/templates/configmap.yml.j2
View File

@@ -1,11 +1,11 @@
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: awx-config name: {{ kubernetes_deployment_name }}-config
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
data: data:
secret_key: {{ awx_secret_key }} secret_key: {{ secret_key }}
awx_settings: | {{ kubernetes_deployment_name }}_settings: |
import os import os
import socket import socket
ADMINS = () ADMINS = ()
@@ -16,8 +16,8 @@ data:
# Automatically deprovision pods that go offline # Automatically deprovision pods that go offline
AWX_AUTO_DEPROVISION_INSTANCES = True AWX_AUTO_DEPROVISION_INSTANCES = True
SYSTEM_TASK_ABS_CPU = {{ ((awx_task_cpu_request|int / 1000) * 4)|int }} SYSTEM_TASK_ABS_CPU = {{ ((task_cpu_request|int / 1000) * 4)|int }}
SYSTEM_TASK_ABS_MEM = {{ ((awx_task_mem_request|int * 1024) / 100)|int }} SYSTEM_TASK_ABS_MEM = {{ ((task_mem_request|int * 1024) / 100)|int }}
#Autoprovisioning should replace this #Autoprovisioning should replace this
CLUSTER_HOST_ID = socket.gethostname() CLUSTER_HOST_ID = socket.gethostname()

105
installer/roles/kubernetes/templates/deployment.yml.j2
View File

@@ -2,7 +2,7 @@
kind: Service kind: Service
apiVersion: v1 apiVersion: v1
metadata: metadata:
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
name: rabbitmq name: rabbitmq
labels: labels:
app: rabbitmq app: rabbitmq
@@ -14,12 +14,10 @@ spec:
protocol: TCP protocol: TCP
port: 15672 port: 15672
targetPort: 15672 targetPort: 15672
nodePort: 31672
- name: amqp - name: amqp
protocol: TCP protocol: TCP
port: 5672 port: 5672
targetPort: 5672 targetPort: 5672
nodePort: 30672
selector: selector:
app: rabbitmq app: rabbitmq
@@ -28,7 +26,7 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: rabbitmq-config name: rabbitmq-config
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
data: data:
enabled_plugins: | enabled_plugins: |
[rabbitmq_management,rabbitmq_peer_discovery_k8s]. [rabbitmq_management,rabbitmq_peer_discovery_k8s].
@@ -54,7 +52,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: rabbitmq name: rabbitmq
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
{% if kubernetes_context is defined %} {% if kubernetes_context is defined %}
--- ---
@@ -62,7 +60,7 @@ kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1beta1
metadata: metadata:
name: endpoint-reader name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["endpoints"] resources: ["endpoints"]
@@ -72,7 +70,7 @@ kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1 apiVersion: rbac.authorization.k8s.io/v1beta1
metadata: metadata:
name: endpoint-reader name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: rabbitmq name: rabbitmq
@@ -88,7 +86,7 @@ kind: Role
apiVersion: v1 apiVersion: v1
metadata: metadata:
name: endpoint-reader name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["endpoints"] resources: ["endpoints"]
@@ -98,53 +96,58 @@ kind: RoleBinding
apiVersion: v1 apiVersion: v1
metadata: metadata:
name: endpoint-reader name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
roleRef: roleRef:
name: endpoint-reader name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: rabbitmq name: rabbitmq
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
userNames: userNames:
- system:serviceaccount:{{ awx_kubernetes_namespace }}:rabbitmq - system:serviceaccount:{{ kubernetes_namespace }}:rabbitmq
{% endif %} {% endif %}
--- ---
{% if openshift_host is defined %}
apiVersion: v1
kind: DeploymentConfig
{% else %}
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Deployment kind: DeploymentConfig
{% endif %}
metadata: metadata:
name: awx name: {{ kubernetes_deployment_name }}
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
spec: spec:
replicas: 1 replicas: 1
template: template:
metadata: metadata:
labels: labels:
name: awx-web-deploy name: {{ kubernetes_deployment_name }}-web-deploy
service: django service: django
app: rabbitmq app: rabbitmq
spec: spec:
serviceAccountName: rabbitmq serviceAccountName: rabbitmq
containers: containers:
- name: awx-web - name: {{ kubernetes_deployment_name }}-web
image: {{ awx_web_kubernetes_image }} image: {{ kubernetes_web_image | default(dockerhub_web_image) }}
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 8052 - containerPort: 8052
volumeMounts: volumeMounts:
- mountPath: /etc/tower - mountPath: /etc/tower
name: awx-application-config name: {{ kubernetes_deployment_name }}-application-config
resources: resources:
requests: requests:
memory: "{{ awx_web_mem_request }}Gi" memory: "{{ web_mem_request }}Gi"
cpu: "{{ awx_web_cpu_request }}m" cpu: "{{ web_cpu_request }}m"
- name: awx-celery - name: {{ kubernetes_deployment_name }}-celery
image: {{ awx_task_kubernetes_image }} image: {{ kubernetes_task_image | default(dockerhub_task_image) }}
imagePullPolicy: Always imagePullPolicy: Always
volumeMounts: volumeMounts:
- mountPath: /etc/tower - mountPath: /etc/tower
name: awx-application-config name: {{ kubernetes_deployment_name }}-application-config
env: env:
- name: DATABASE_USER - name: DATABASE_USER
value: {{ pg_username }} value: {{ pg_username }}
@@ -166,10 +169,10 @@ spec:
value: {{ default_admin_password|default('password') }} value: {{ default_admin_password|default('password') }}
resources: resources:
requests: requests:
memory: "{{ awx_task_mem_request }}Gi" memory: "{{ task_mem_request }}Gi"
cpu: "{{ awx_task_cpu_request }}m" cpu: "{{ task_cpu_request }}m"
- name: awx-rabbit - name: {{ kubernetes_deployment_name }}-rabbit
image: ansible/awx_rabbitmq:{{ rabbitmq_version }} image: "{{ kubernetes_rabbitmq_image }}:{{ kubernetes_rabbitmq_version }}"
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- name: http - name: http
@@ -206,20 +209,20 @@ spec:
mountPath: /etc/rabbitmq mountPath: /etc/rabbitmq
resources: resources:
requests: requests:
memory: "{{ awx_rabbitmq_mem_request }}Gi" memory: "{{ rabbitmq_mem_request }}Gi"
cpu: "{{ awx_rabbitmq_cpu_request }}m" cpu: "{{ rabbitmq_cpu_request }}m"
- name: awx-memcached - name: {{ kubernetes_deployment_name }}-memcached
image: memcached image: "{{ kubernetes_memcached_image }}:{{ kubernetes_memcached_version }}"
resources: resources:
requests: requests:
memory: "{{ awx_memcached_mem_request }}Gi" memory: "{{ memcached_mem_request }}Gi"
cpu: "{{ awx_memcached_cpu_request }}m" cpu: "{{ memcached_cpu_request }}m"
volumes: volumes:
- name: awx-application-config - name: {{ kubernetes_deployment_name }}-application-config
configMap: configMap:
name: awx-config name: {{ kubernetes_deployment_name }}-config
items: items:
- key: awx_settings - key: {{ kubernetes_deployment_name }}_settings
path: settings.py path: settings.py
- key: secret_key - key: secret_key
path: SECRET_KEY path: SECRET_KEY
@@ -235,10 +238,10 @@ spec:
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: awx-web-svc name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
labels: labels:
name: awx-web-svc name: {{ kubernetes_deployment_name }}-web-svc
spec: spec:
type: "NodePort" type: "NodePort"
ports: ports:
@@ -246,15 +249,15 @@ spec:
port: 80 port: 80
targetPort: 8052 targetPort: 8052
selector: selector:
name: awx-web-deploy name: {{ kubernetes_deployment_name }}-web-deploy
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: awx-rmq-mgmt name: {{ kubernetes_deployment_name }}-rmq-mgmt
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
labels: labels:
name: awx-rmq-mgmt name: {{ kubernetes_deployment_name }}-rmq-mgmt
spec: spec:
type: ClusterIP type: ClusterIP
ports: ports:
@@ -262,17 +265,17 @@ spec:
port: 15672 port: 15672
targetPort: 15672 targetPort: 15672
selector: selector:
name: awx-web-deploy name: {{ kubernetes_deployment_name }}-web-deploy
{% if kubernetes_context is defined %} {% if kubernetes_context is defined %}
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress
metadata: metadata:
name: awx-web-svc name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
spec: spec:
backend: backend:
serviceName: awx-web-svc serviceName: {{ kubernetes_deployment_name }}-web-svc
servicePort: 80 servicePort: 80
{% endif %} {% endif %}
{% if openshift_host is defined %} {% if openshift_host is defined %}
@@ -280,8 +283,8 @@ spec:
apiVersion: v1 apiVersion: v1
kind: Route kind: Route
metadata: metadata:
name: awx-web-svc name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ awx_kubernetes_namespace }} namespace: {{ kubernetes_namespace }}
spec: spec:
port: port:
targetPort: http targetPort: http
@@ -290,7 +293,7 @@ spec:
termination: edge termination: edge
to: to:
kind: Service kind: Service
name: awx-web-svc name: {{ kubernetes_deployment_name }}-web-svc
weight: 100 weight: 100
wildcardPolicy: None wildcardPolicy: None
{% endif %} {% endif %}

39
installer/roles/local_docker/tasks/set_image.yml
View File

@@ -3,29 +3,20 @@
block: block:
- name: Export Docker web image if it isnt local and there isnt a registry defined - name: Export Docker web image if it isnt local and there isnt a registry defined
docker_image: docker_image:
name: "{{ awx_web_image }}" name: "{{ web_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost delegate_to: localhost
- name: Export Docker task image if it isnt local and there isnt a registry defined - name: Export Docker task image if it isnt local and there isnt a registry defined
docker_image: docker_image:
name: "{{ awx_task_image }}" name: "{{ task_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost delegate_to: localhost
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Set docker base path - name: Set docker base path
set_fact: set_fact:
docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy"
@@ -39,40 +30,36 @@
- name: Copy web image to docker execution - name: Copy web image to docker execution
copy: copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" dest: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar"
when: ansible_connection != "local" and docker_registry is not defined when: ansible_connection != "local" and docker_registry is not defined
- name: Copy task image to docker execution - name: Copy task image to docker execution
copy: copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}" dest: "{{ docker_deploy_base_path }}"
when: ansible_connection != "local" and docker_registry is not defined when: ansible_connection != "local" and docker_registry is not defined
- name: Load web image - name: Load web image
docker_image: docker_image:
name: "{{ awx_web_image }}" name: "{{ web_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" load_path: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar"
timeout: 300 timeout: 300
when: ansible_connection != "local" and docker_registry is not defined when: ansible_connection != "local" and docker_registry is not defined
- name: Load task image - name: Load task image
docker_image: docker_image:
name: "{{ awx_task_image }}" name: "{{ task_image }}"
tag: "{{ awx_version }}" tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" load_path: "{{ docker_deploy_base_path }}/{{ task_image }}_{{ awx_version }}.tar"
timeout: 300 timeout: 300
when: ansible_connection != "local" and docker_registry is not defined when: ansible_connection != "local" and docker_registry is not defined
- include_role:
name: image_push
when: docker_registry is defined and dockerhub_base is not defined
- name: Set full image path for local install - name: Set full image path for local install
set_fact: set_fact:
awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}" awx_web_docker_actual_image: "{{ web_image }}:{{ awx_version }}"
awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}" awx_task_docker_actual_image: "{{ task_image }}:{{ awx_version }}"
when: docker_registry is not defined when: docker_registry is not defined
when: dockerhub_base is not defined when: dockerhub_base is not defined

4
installer/roles/local_docker/tasks/standalone.yml
View File

@@ -96,7 +96,7 @@
http_proxy: "{{ http_proxy | default('') }}" http_proxy: "{{ http_proxy | default('') }}"
https_proxy: "{{ https_proxy | default('') }}" https_proxy: "{{ https_proxy | default('') }}"
no_proxy: "{{ no_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}"
SECRET_KEY: "{{ awx_secret_key }}" SECRET_KEY: "{{ secret_key }}"
DATABASE_NAME: "{{ pg_database }}" DATABASE_NAME: "{{ pg_database }}"
DATABASE_USER: "{{ pg_username }}" DATABASE_USER: "{{ pg_username }}"
DATABASE_PASSWORD: "{{ pg_password }}" DATABASE_PASSWORD: "{{ pg_password }}"
@@ -132,7 +132,7 @@
http_proxy: "{{ http_proxy | default('') }}" http_proxy: "{{ http_proxy | default('') }}"
https_proxy: "{{ https_proxy | default('') }}" https_proxy: "{{ https_proxy | default('') }}"
no_proxy: "{{ no_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}"
SECRET_KEY: "{{ awx_secret_key }}" SECRET_KEY: "{{ secret_key }}"
DATABASE_NAME: "{{ pg_database }}" DATABASE_NAME: "{{ pg_database }}"
DATABASE_USER: "{{ pg_username }}" DATABASE_USER: "{{ pg_username }}"
DATABASE_PASSWORD: "{{ pg_password }}" DATABASE_PASSWORD: "{{ pg_password }}"

4
installer/roles/local_docker/templates/docker-compose.yml.j2
View File

@@ -46,7 +46,7 @@ services:
http_proxy: {{ http_proxy | default('') }} http_proxy: {{ http_proxy | default('') }}
https_proxy: {{ https_proxy | default('') }} https_proxy: {{ https_proxy | default('') }}
no_proxy: {{ no_proxy | default('') }} no_proxy: {{ no_proxy | default('') }}
SECRET_KEY: {{ awx_secret_key }} SECRET_KEY: {{ secret_key }}
DATABASE_NAME: {{ pg_database }} DATABASE_NAME: {{ pg_database }}
DATABASE_USER: {{ pg_username }} DATABASE_USER: {{ pg_username }}
DATABASE_PASSWORD: {{ pg_password }} DATABASE_PASSWORD: {{ pg_password }}
@@ -105,7 +105,7 @@ services:
http_proxy: {{ http_proxy | default('') }} http_proxy: {{ http_proxy | default('') }}
https_proxy: {{ https_proxy | default('') }} https_proxy: {{ https_proxy | default('') }}
no_proxy: {{ no_proxy | default('') }} no_proxy: {{ no_proxy | default('') }}
SECRET_KEY: {{ awx_secret_key }} SECRET_KEY: {{ secret_key }}
DATABASE_NAME: {{ pg_database }} DATABASE_NAME: {{ pg_database }}
DATABASE_USER: {{ pg_username }} DATABASE_USER: {{ pg_username }}
DATABASE_PASSWORD: {{ pg_password }} DATABASE_PASSWORD: {{ pg_password }}